Cyware Daily Threat Intelligence November 20, 2017

EMOTET variant: The notorious malware has spawned various new variants since its inception in the year 2014. Its primary role is to intercept network activity and steal data via DLL injections. However, the recently released strain adds new evasive features that allow the malware to terminate itself if it determines that it is running in a sandbox environment.

Android backdoor: A backdoor file in the executable and linkable format (ELF) is said to be part of an Android malware. The malware is reported to belong to the Lazarus cybercrime group. It poses as a legitimate APK, available from Google Play, for reading the Bible in Korean.

Top Vulnerabilities Reported in the Last 24 Hours

Oracle Tuxedo platform patched: Oracle has released an emergency patch to resolve serious server vulnerabilities, some of which had received top severity ratings. The most critical security flaw, a memory leak issue similar to HeartBleed, has also been fixed.

Android vulnerability: A fresh bug has been found in Android smartphones that allows the MediaProjection service to be exploited to access the user's screen and record audio. MediaProjection is a service capable of capturing screen contents and recording system audio. This service exists in every Android system, but only apps deployed by Android OEMs can use it.

High Sierra vulnerability: Apple has released a new update for High Sierra that brings various security upgrades, blocking of invasive ad trackers in Safari, and weekly firmware validation. However, a researcher has identified a serious flaw that allows passwords to be extracted from Apple's High Sierra. Older macOS versions are also affected by the attack.

Top Breaches Reported in the Last 24 Hours

ABC data leak: Sensitive corporate data belonging to the Australian Broadcasting Corporation (ABC) was recently exposed. The leak was a result of the exposure of AWS S3 repositories that included usernames, email addresses, password hashes, and other user details. The leaked data belonged to ABC Commercial and included 1800 daily backups of their database.

Microsoft suspects source code leak: Security researchers believe that Microsoft may have lost the source code to one of its Office components. The suspicion arose after Microsoft released a security update for CVE-2017-11882, which affected EQNEDT32.EXE. It is also reported that the developers made a series of changes directly to the buggy program's executable file.

Medical college data breach: About 9,500 patients of the Medical College of Wisconsin (MCW) have been informed that their confidential information may have been compromised in a targeted attack in late July. According to a news release from the MCW, a small number of faculty and staff were victims of a spear phishing attack.
